Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 3.0.4, 3.0.5, 3.1.0.M2, 3.1.0.RC1
    • Fix Version/s: 3.1.0.RC2, 3.0.6
    • Component/s: None
    • Labels:
      None
    • Environment:
      dosn't matter (ff, tomcat@debian)

      Description

      The authentication fails if a user copy&pastes his OpenId identity and it includes a white sprace at the end.
      An additional space is often append by copy it from hmtl pages or emails.

      I've got this problem with 3.0.4, but I'm sure all other versions are also affected.

      Fix would look like this at OpenIDAuthenticationFilter.attemptAuthentication():

      String identity = request.getParameter("openid.identity");
      if (!StringUtils.hasText(identity)) {
      identity = identity.trim(); // FIX
      String claimedIdentity = obtainUsername(request);

      Stracktrace:
      org.springframework.security.authentication.AuthenticationServiceException: Unable to process claimed identity 'http://alice-franz.myopenid.com/ '
      at org.springframework.security.openid.OpenIDAuthenticationFilter.attemptAuthentication(OpenIDAuthenticationFilter.java:143) ~[org.springframework.security.openid_3.0.4.RELEASE.jar:3.0.4.RELEASE]

        Activity

        Hide
        Luke Taylor added a comment -

        Thanks for report. Note thatyour fix would throw a NPE . So I've trimmed the return value from the obtainUsername() method instead.

        Show
        Luke Taylor added a comment - Thanks for report. Note thatyour fix would throw a NPE . So I've trimmed the return value from the obtainUsername() method instead.
        Hide
        Ingo added a comment -

        Thank you Luke.

        Show
        Ingo added a comment - Thank you Luke.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Ingo
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: